IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-02-25 18:55:28 -06:00
Code Issues Packages Projects Releases Wiki Activity

Add support for disabling KDC writes

Browse Source 
Add two global ipaConfig options to disable undesirable writes that have
performance impact.
The "KDC:Disable Last Success" will disable writing back to ldap the last
successful AS Request time (successful kinit)
The "KDC:Disable Lockout" will disable completely writing back lockout
related data. This means lockout policies will stop working.

https://fedorahosted.org/freeipa/ticket/2734
This commit is contained in:
Simo Sorce
2012-05-23 12:35:44 -04:00
committed by Rob Crittenden
parent f8e7b516d9
commit f602ad270d
5 changed files with 78 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
ipalib/plugins/config.py
View File

@@ -177,7 +177,8 @@ class config(LDAPObject):
cli_name='ipaconfigstring',
label=_('Password plugin features'),
doc=_('Extra hashes to generate in password plug-in'),
values=(u'AllowLMhash', u'AllowNThash'),
values=(u'AllowLMhash', u'AllowNThash',
u'KDC:Disable Last Success', u'KDC:Disable Lockout'),
csv=True,
),
Str('ipaselinuxusermaporder',